]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/tests/api/check-params/users.ts
projects / github / Chocobozzz / PeerTube.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Increase test timeout for travis
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / users.ts
1 /* tslint:disable:no-unused-expression */
2
3 import { omit } from 'lodash'
4 import 'mocha'
5 import { join } from 'path'
6 import { UserRole } from '../../../../shared'
7
8 import {
9 createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
10 makePostBodyRequest, makeUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
11 updateUser, uploadVideo, userLogin
12 } from '../../utils'
13 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
14
15 describe('Test users API validators', function () {
16 const path = '/api/v1/users/'
17 let userId: number
18 let rootId: number
19 let videoId: number
20 let server: ServerInfo
21 let serverWithRegistrationDisabled: ServerInfo
22 let userAccessToken = ''
23 const user = {
24 username: 'user1',
25 password: 'my super password'
26 }
27
28 // ---------------------------------------------------------------
29
30 before(async function () {
31 this.timeout(30000)
32
33 await flushTests()
34
35 server = await runServer(1)
36 serverWithRegistrationDisabled = await runServer(2)
37
38 await setAccessTokensToServers([ server ])
39
40 const videoQuota = 42000000
41 await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
42 userAccessToken = await userLogin(server, user)
43
44 const res = await uploadVideo(server.url, server.accessToken, {})
45 videoId = res.body.video.id
46 })
47
48 describe('When listing users', function () {
49 it('Should fail with a bad start pagination', async function () {
50 await checkBadStartPagination(server.url, path, server.accessToken)
51 })
52
53 it('Should fail with a bad count pagination', async function () {
54 await checkBadCountPagination(server.url, path, server.accessToken)
55 })
56
57 it('Should fail with an incorrect sort', async function () {
58 await checkBadSortPagination(server.url, path, server.accessToken)
59 })
60
61 it('Should fail with a non authenticated user', async function () {
62 await makeGetRequest({
63 url: server.url,
64 path,
65 statusCodeExpected: 401
66 })
67 })
68
69 it('Should fail with a non admin user', async function () {
70 await makeGetRequest({
71 url: server.url,
72 path,
73 token: userAccessToken,
74 statusCodeExpected: 403
75 })
76 })
77 })
78
79 describe('When adding a new user', function () {
80 const baseCorrectParams = {
81 username: 'user2',
82 email: 'test@example.com',
83 password: 'my super password',
84 videoQuota: -1,
85 role: UserRole.USER
86 }
87
88 it('Should fail with a too small username', async function () {
89 const fields = immutableAssign(baseCorrectParams, { username: 'fi' })
90
91 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
92 })
93
94 it('Should fail with a too long username', async function () {
95 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
96
97 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
98 })
99
100 it('Should fail with a not lowercase username', async function () {
101 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
102
103 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
104 })
105
106 it('Should fail with an incorrect username', async function () {
107 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
108
109 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
110 })
111
112 it('Should fail with a missing email', async function () {
113 const fields = omit(baseCorrectParams, 'email')
114
115 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
116 })
117
118 it('Should fail with an invalid email', async function () {
119 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
120
121 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
122 })
123
124 it('Should fail with a too small password', async function () {
125 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
126
127 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
128 })
129
130 it('Should fail with a too long password', async function () {
131 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
132
133 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
134 })
135
136 it('Should fail with an non authenticated user', async function () {
137 await makePostBodyRequest({
138 url: server.url,
139 path,
140 token: 'super token',
141 fields: baseCorrectParams,
142 statusCodeExpected: 401
143 })
144 })
145
146 it('Should fail if we add a user with the same username', async function () {
147 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
148
149 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
150 })
151
152 it('Should fail if we add a user with the same email', async function () {
153 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
154
155 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
156 })
157
158 it('Should fail without a videoQuota', async function () {
159 const fields = omit(baseCorrectParams, 'videoQuota')
160
161 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
162 })
163
164 it('Should fail with an invalid videoQuota', async function () {
165 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
166
167 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
168 })
169
170 it('Should fail without a user role', async function () {
171 const fields = omit(baseCorrectParams, 'role')
172
173 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
174 })
175
176 it('Should fail with an invalid user role', async function () {
177 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
178
179 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
180 })
181
182 it('Should fail with a "peertube" username', async function () {
183 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
184
185 await makePostBodyRequest({
186 url: server.url,
187 path,
188 token: server.accessToken,
189 fields,
190 statusCodeExpected: 409
191 })
192 })
193
194 it('Should succeed with the correct params', async function () {
195 await makePostBodyRequest({
196 url: server.url,
197 path,
198 token: server.accessToken,
199 fields: baseCorrectParams,
200 statusCodeExpected: 200
201 })
202 })
203
204 it('Should fail with a non admin user', async function () {
205 const user = {
206 username: 'user1',
207 password: 'my super password'
208 }
209 userAccessToken = await userLogin(server, user)
210
211 const fields = {
212 username: 'user3',
213 email: 'test@example.com',
214 password: 'my super password',
215 videoQuota: 42000000
216 }
217 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
218 })
219 })
220
221 describe('When updating my account', function () {
222 it('Should fail with an invalid email attribute', async function () {
223 const fields = {
224 email: 'blabla'
225 }
226
227 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
228 })
229
230 it('Should fail with a too small password', async function () {
231 const fields = {
232 password: 'bla'
233 }
234
235 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
236 })
237
238 it('Should fail with a too long password', async function () {
239 const fields = {
240 password: 'super'.repeat(61)
241 }
242
243 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
244 })
245
246 it('Should fail with an invalid NSFW policy attribute', async function () {
247 const fields = {
248 nsfwPolicy: 'hello'
249 }
250
251 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
252 })
253
254 it('Should fail with an invalid autoPlayVideo attribute', async function () {
255 const fields = {
256 autoPlayVideo: -1
257 }
258
259 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
260 })
261
262 it('Should fail with an non authenticated user', async function () {
263 const fields = {
264 password: 'my super password'
265 }
266
267 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
268 })
269
270 it('Should fail with a too long description', async function () {
271 const fields = {
272 description: 'super'.repeat(60)
273 }
274
275 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
276 })
277
278 it('Should succeed with the correct params', async function () {
279 const fields = {
280 password: 'my super password',
281 nsfwPolicy: 'blur',
282 autoPlayVideo: false,
283 email: 'super_email@example.com'
284 }
285
286 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
287 })
288 })
289
290 describe('When updating my avatar', function () {
291 it('Should fail without an incorrect input file', async function () {
292 const fields = {}
293 const attaches = {
294 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'video_short.mp4')
295 }
296 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
297 })
298
299 it('Should fail with a big file', async function () {
300 const fields = {}
301 const attaches = {
302 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar-big.png')
303 }
304 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
305 })
306
307 it('Should succeed with the correct params', async function () {
308 const fields = {}
309 const attaches = {
310 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar.png')
311 }
312 await makeUploadRequest({
313 url: server.url,
314 path: path + '/me/avatar/pick',
315 token: server.accessToken,
316 fields,
317 attaches,
318 statusCodeExpected: 200
319 })
320 })
321 })
322
323 describe('When getting a user', function () {
324 before(async function () {
325 const res = await getUsersList(server.url, server.accessToken)
326
327 userId = res.body.data[1].id
328 })
329
330 it('Should fail with an non authenticated user', async function () {
331 await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 })
332 })
333
334 it('Should fail with a non admin user', async function () {
335 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 })
336 })
337
338 it('Should succeed with the correct params', async function () {
339 await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 })
340 })
341 })
342
343 describe('When updating a user', function () {
344
345 before(async function () {
346 const res = await getUsersList(server.url, server.accessToken)
347
348 userId = res.body.data[1].id
349 rootId = res.body.data[2].id
350 })
351
352 it('Should fail with an invalid email attribute', async function () {
353 const fields = {
354 email: 'blabla'
355 }
356
357 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
358 })
359
360 it('Should fail with an invalid videoQuota attribute', async function () {
361 const fields = {
362 videoQuota: -90
363 }
364
365 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
366 })
367
368 it('Should fail with an invalid user role attribute', async function () {
369 const fields = {
370 role: 54878
371 }
372
373 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
374 })
375
376 it('Should fail with an non authenticated user', async function () {
377 const fields = {
378 videoQuota: 42
379 }
380
381 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
382 })
383
384 it('Should fail when updating root role', async function () {
385 const fields = {
386 role: UserRole.MODERATOR
387 }
388
389 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
390 })
391
392 it('Should succeed with the correct params', async function () {
393 const fields = {
394 email: 'email@example.com',
395 videoQuota: 42,
396 role: UserRole.MODERATOR
397 }
398
399 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
400 userAccessToken = await userLogin(server, user)
401 })
402 })
403
404 describe('When getting my information', function () {
405 it('Should fail with a non authenticated user', async function () {
406 await getMyUserInformation(server.url, 'fake_token', 401)
407 })
408
409 it('Should success with the correct parameters', async function () {
410 await getMyUserInformation(server.url, userAccessToken)
411 })
412 })
413
414 describe('When getting my video rating', function () {
415 it('Should fail with a non authenticated user', async function () {
416 await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
417 })
418
419 it('Should fail with an incorrect video uuid', async function () {
420 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
421 })
422
423 it('Should fail with an unknown video', async function () {
424 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
425 })
426
427 it('Should succeed with the correct parameters', async function () {
428 await getMyUserVideoRating(server.url, server.accessToken, videoId)
429 })
430 })
431
432 describe('When removing an user', function () {
433 it('Should fail with an incorrect id', async function () {
434 await removeUser(server.url, 'blabla', server.accessToken, 400)
435 })
436
437 it('Should fail with the root user', async function () {
438 await removeUser(server.url, rootId, server.accessToken, 400)
439 })
440
441 it('Should return 404 with a non existing id', async function () {
442 await removeUser(server.url, 4545454, server.accessToken, 404)
443 })
444 })
445
446 describe('When register a new user', function () {
447 const registrationPath = path + '/register'
448 const baseCorrectParams = {
449 username: 'user3',
450 email: 'test3@example.com',
451 password: 'my super password'
452 }
453
454 it('Should fail with a too small username', async function () {
455 const fields = immutableAssign(baseCorrectParams, { username: 'ji' })
456
457 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
458 })
459
460 it('Should fail with a too long username', async function () {
461 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
462
463 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
464 })
465
466 it('Should fail with an incorrect username', async function () {
467 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
468
469 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
470 })
471
472 it('Should fail with a missing email', async function () {
473 const fields = omit(baseCorrectParams, 'email')
474
475 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
476 })
477
478 it('Should fail with an invalid email', async function () {
479 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
480
481 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
482 })
483
484 it('Should fail with a too small password', async function () {
485 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
486
487 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
488 })
489
490 it('Should fail with a too long password', async function () {
491 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
492
493 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
494 })
495
496 it('Should fail if we register a user with the same username', async function () {
497 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
498
499 await makePostBodyRequest({
500 url: server.url,
501 path: registrationPath,
502 token: server.accessToken,
503 fields,
504 statusCodeExpected: 409
505 })
506 })
507
508 it('Should fail with a "peertube" username', async function () {
509 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
510
511 await makePostBodyRequest({
512 url: server.url,
513 path: registrationPath,
514 token: server.accessToken,
515 fields,
516 statusCodeExpected: 409
517 })
518 })
519
520 it('Should fail if we register a user with the same email', async function () {
521 const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })
522
523 await makePostBodyRequest({
524 url: server.url,
525 path: registrationPath,
526 token: server.accessToken,
527 fields,
528 statusCodeExpected: 409
529 })
530 })
531
532 it('Should succeed with the correct params', async function () {
533 await makePostBodyRequest({
534 url: server.url,
535 path: registrationPath,
536 token: server.accessToken,
537 fields: baseCorrectParams,
538 statusCodeExpected: 204
539 })
540 })
541
542 it('Should fail on a server with registration disabled', async function () {
543 const fields = {
544 username: 'user4',
545 email: 'test4@example.com',
546 password: 'my super password 4'
547 }
548
549 await makePostBodyRequest({
550 url: serverWithRegistrationDisabled.url,
551 path: registrationPath,
552 token: serverWithRegistrationDisabled.accessToken,
553 fields,
554 statusCodeExpected: 403
555 })
556 })
557 })
558
559 describe('When registering multiple users on a server with users limit', function () {
560 it('Should fail when after 3 registrations', async function () {
561 await registerUser(server.url, 'user42', 'super password', 403)
562 })
563 })
564
565 describe('When having a video quota', function () {
566 it('Should fail with a user having too many video', async function () {
567 await updateUser({
568 url: server.url,
569 userId: rootId,
570 accessToken: server.accessToken,
571 videoQuota: 42
572 })
573
574 await uploadVideo(server.url, server.accessToken, {}, 403)
575 })
576
577 it('Should fail with a registered user having too many video', async function () {
578 this.timeout(30000)
579
580 const user = {
581 username: 'user3',
582 password: 'my super password'
583 }
584 userAccessToken = await userLogin(server, user)
585
586 const videoAttributes = { fixture: 'video_short2.webm' }
587 await uploadVideo(server.url, userAccessToken, videoAttributes)
588 await uploadVideo(server.url, userAccessToken, videoAttributes)
589 await uploadVideo(server.url, userAccessToken, videoAttributes)
590 await uploadVideo(server.url, userAccessToken, videoAttributes)
591 await uploadVideo(server.url, userAccessToken, videoAttributes)
592 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
593 })
594 })
595
596 describe('When asking a password reset', function () {
597 const path = '/api/v1/users/ask-reset-password'
598
599 it('Should fail with a missing email', async function () {
600 const fields = {}
601
602 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
603 })
604
605 it('Should fail with an invalid email', async function () {
606 const fields = { email: 'hello' }
607
608 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
609 })
610
611 it('Should success with the correct params', async function () {
612 const fields = { email: 'admin@example.com' }
613
614 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
615 })
616 })
617
618 after(async function () {
619 killallServers([ server, serverWithRegistrationDisabled ])
620
621 // Keep the logs if the test failed
622 if (this['ok']) {
623 await flushTests()
624 }
625 })
626 })
ActivityPub-federated video streaming platform using P2P directly in your web browser